/*
    main.me -- Main MakeMe file for GoAhead

    This file contains the rules for targets to build and default settings for configuration.
    The MakeMe utility (https://embedthis.com/me) may be used to build GoAhead instead of make.
    MakeMe provides for configured builds and generates projects files.

    Alternatively, build using the 'make' utility in which case this file is not used.
 */

Me.load({
    makeme: '>=0.9.0',

    plugins: [ 'installs' ],

    blend: [
        'src/*/*.me',
        '?test/test.me',
        'paks/ssl/*.me',
        '?doc/doc.me',
    ],

    configure: {
        requires:  [ 'osdep' ],
        discovers: [ 'ssl' ],
    },

    settings: {
        /*
            Set to true to emit warnings about deprecated APIs
         */
        deprecatedWarnings: false,

        integrate: true,

        /*
            Installation prefix set
         */
        prefixes: 'install-prefixes',
        manifest: 'installs/manifest.me',

        certs: {
            gendh: true
        },

        compiler: {
            fortify: true
        },

        /*
            Set to true for a static link, or use 'configure --static'
            static: false,
         */
        goahead: {
            /*
                Log for request access logging
             */
            accessLog: false,

            /*
                User authentication
             */
            auth: true,

            /*
                Select the password store mechanism. Set to: pam, file, custom
                If using PAM, must also set authPam to true
             */
            authStore: 'file',

            /*
                Automatically login. Useful for debugging.
             */
            autoLogin: false,

            clientCache: [ 'css', 'gif', 'ico', 'jpg', 'js', 'png', ],
            clientCacheLifespan: 86400,

            /*
                Build with CGI support and directory for CGI programs.
             */
            cgi: true,

            /*
                Prefix for CGI environment variables
             */
            cgiVarPrefix: "CGI_"

            /*
                Build with support for digest authentication
             */
            digest: true,

            /*
                Directory containing web documents to serve
             */
            documents: 'web',

            /*
                Build with support for javascript web templates
             */
            javascript: true,

            /*
                Define legacy APIs for compatibility with old GoAhead web server applications
             */
            legacy: false,

            /*
                Sandbox limits and allocation sizes
             */
            limitBuffer:          1024,    /* I/O Buffer size. Also chunk size. */
            limitCgiArgs:         4096,    /* Max number of CGI args */
            limitFiles:              0,    /* Maximum files/sockets. Set to zero for unlimited. Unix only */
            limitFilename:         256,    /* Maximum filename size */
            limitHeader:          2048,    /* Maximum HTTP single header size */
            limitHeaders:         4096,    /* Maximum HTTP header size */
            limitNumHeaders:        64,    /* Maximum number of headers */
            limitParseTimeout:       5,    /* Maximum time to parse the request headers */
            limitPassword:          32,    /* Maximum password size */
            limitPost:           16384,    /* Maximum POST incoming body size */
            limitPut:        204800000,    /* Maximum PUT body size ~ 200MB */
            limitSessionLife:     1800,    /* Session lifespan in seconds (30 mins) */
            limitSessionCount:     512,    /* Maximum number of sessions to support */
            limitString:           256,    /* Default string size */
            limitTimeout:           60,    /* Request inactivity timeout in seconds */
            limitUri:             2048,    /* Maximum URI size */
            limitUpload:     204800000,    /* Maximum upload size ~ 200MB */

            /*
                Addresses to listen on. This specifies the protocol, interface and port.
             */
            listen: ['http://*:80', 'https://*:443']

            /*
                Enable application logging and tracing
             */
            logging: true,
            logfile: 'stderr:0',
            tracing: true,

            /*
                Temporary directory to hold PUT files
                This must be on the same filesystem as the web documents directory.
             */
            putDir: '.',

            /*
                Authentication realm. Replace with your realm.
             */
            realm: 'example.com',

            /*
                Replace malloc with a non-fragmenting allocator
             */
            replaceMalloc: false,

            /*
                Enable stealth options. Disable OPTIONS and TRACE methods.
             */
            stealth: true,

            ssl: {
                authority: '',           /* Root certificates for verifying client certificates */
                cache: 512,              /* Set the session cache size (items) */
                certificate: 'self.crt', /* Server certificate file. A valid certificate must be obtained */
                ciphers: '',             /* Override cipher suite for SSL.  */
                key: 'self.key',         /* Server SSL key. This is by default set to a test key. This must be regenerated */
                logLevel: 5              /* Starting logging level for SSL messages */
                handshakes: 3,           /* Set maximum number of renegotiations (zero means infinite) */
                revoke: '',              /* List of revoked client certificates */
                ticket: true,            /* Enable session resumption via ticketing - client side session caching */
                timeout: 86400,          /* Session and ticketing duration in seconds */
                verifyIssuer: false,     /* Verify issuer of client certificate */
                verifyPeer: false,       /* Verify client certificates */
            },

            /*
                Upload file support
             */
            upload: true,
            uploadDir: 'tmp',

            /*
                Enable X-Frame-Origin to prevent clickjacking. Set to empty to disable.
                Set to: DENY, SAMEORIGIN, ALLOW uri
             */
            xframeHeader: 'SAMEORIGIN',
        },

        mbedtls: {
            compact: true,      /* Compact edition - Disable non-essential ciphers and features */
        },

        openssl: {
            version: '1.0',     /* Base edition */
        },

        /*
            Build without a file system (from ROM)
         */
        rom: false,

        /*
            Default modifiecation time for rommed files.
            Set to the number of seconds since Jan 1 1970.
         */
        romTime: 1505449519432,
    },

    usage: {
        'goahead.accessLog':          'Enable request access log (true|false)',
        'goahead.caFile':             'File of client certificates (path)',
        'goahead.certificate':        'Server certificate for SSL (path)',
        'goahead.ciphers':            'SSL cipher suite (string)',
        'goahead.cgi':                'Enable the CGI handler (true|false)',
        'goahead.cgiBin':             'Directory CGI programs (path)',
        'goahead.clientCache':        'Extensions to cache in the client (Array)',
        'goahead.clientCacheLifespan':'Lifespan in seconds to cache in the client',
        'goahead.javascript':         'Enable the Javascript JST handler (true|false)',
        'goahead.key':                'Server private key for SSL (path)',
        'goahead.legacy':             'Enable the GoAhead 2.X legacy APIs (true|false)',

        'goahead.limitBuffer':        'I/O Buffer size. Also chunk size.',
        'goahead.limitFilename':      'Maximum filename size',
        'goahead.limitHeader':        'Maximum HTTP single header size',
        'goahead.limitHeaders':       'Maximum HTTP header size',
        'goahead.limitNumHeaders':    'Maximum number of headers',
        'goahead.limitPassword':      'Maximum password size',
        'goahead.limitPost':          'Maximum POST (and other method) incoming body size',
        'goahead.limitPut':           'Maximum PUT body size ~ 200MB',
        'goahead.limitSessionLife':   'Session lifespan in seconds (30 mins)',
        'goahead.limitSessionCount':  'Maximum number of sessions to support',
        'goahead.limitString':        'Default string allocation size',
        'goahead.limitTimeout':       'Request inactivity timeout in seconds',
        'goahead.limitUri':           'Maximum URI size',
        'goahead.limitUpload':        'Maximum upload size ~ 200MB',
        'goahead.listen':             'Addresses to listen to (["http://IP:port", ...])',
        'goahead.logfile':            'Default location and level for debug log (path:level)',
        'goahead.logging':            'Enable application logging (true|false)',
        'goahead.pam':                'Enable Unix Pluggable Auth Module (true|false)',
        'goahead.putDir':             'Define the directory for file uploaded via HTTP PUT (path)',
        'goahead.realm':              'Authentication realm (string)',
        'goahead.revoke':             'List of revoked client certificates',
        'goahead.replaceMalloc':      'Replace malloc with non-fragmenting allocator (true|false)',
        'goahead.ssl.cache':          'Set the session cache size (items)',
        'goahead.ssl.logLevel':       'Starting logging level for SSL messages',
        'goahead.ssl.renegotiate':    'Enable/Disable SSL renegotiation (defaults to true)',
        'goahead.ssl.ticket':         'Enable session resumption via ticketing - client side session caching',
        'goahead.ssl.timeout':        'Session and ticketing duration in seconds',
        'goahead.stealth':            'Run in stealth mode. Disable OPTIONS, TRACE (true|false)',
        'goahead.tune':               'Optimize (size|speed|balanced)',
        'goahead.upload':             'Enable file upload (true|false)',
        'goahead.uploadDir':          'Define directory for uploaded files (path)',
        'rom':                        'Build without a file system (true|false)',
    },

    customize: [
        /*
            The optional custom.me file is loaded after main.me is fully processed. It can
            thus override any setting. Feel free to create and customize.
         */
        'custom.me',
    ],

    scripts: {
        postconfig: `
            if (me.settings.goahead.authStore != 'pam') {
                me.settings.compiler.hasPam = false
            }
        `,
    },

    targets: {
        libgo: {
            type: 'lib',
            sources: [ 'src/*.c' ],
            headers: [ 'src/*.h' ],
            exclude: /goahead\.c/,
            depends: [ 'osdep', 'ssl' ],
            scripts: {
                prebuild: `
                    if (me.settings.compiler.hasPam && me.settings.goahead.pam) {
                        me.target.libraries.push('pam')
                    }
                `
            },
        },

        goahead: {
            type: 'exe',
            sources: [ 'src/goahead.c' ],
            headers: [ 'src/*.h' ],
            depends: [ 'libgo', 'install-certs' ],
            scripts: {
                prebuild: `
                    if (me.settings.compiler.hasPam) {
                        me.target.libraries.push('pam')
                    }
                    cp(['${BIN}/self.key', '${BIN}/self.crt'], 'src')
                    cp(['${BIN}/self.key', '${BIN}/self.crt'], 'test')
                `,
            },
        },

        /*
            Password utility
         */
        gopass: {
            enable: 'me.settings.goahead.auth',
            type: 'exe',
            sources: [ 'src/utils/gopass.c' ],
            headers: [ 'src/*.h' ],
            depends: [ 'libgo' ],
        },

        /*
            Compiler for web pages into C code
         */
        webcomp: {
            enable: 'me.settings.rom',
            type: 'exe',
            sources: [ 'src/utils/webcomp.c' ],
            headers: [ 'src/*.h' ],
            depends: [ ],
        },

        run: {
            home: 'src',
            run: 'goahead -v',
        },

        rom: {
            action: `
                let path = Path('src/rom.c')
                trace('Create', path)
                path.write(Cmd.run('webcomp rom.files', {dir: 'src'}))
            `,
        },

        install: {
            home: '${TOP}',
            generate: ' ',
            depends: [ 'all', 'stop', 'installBinary', 'start' ],
            action: `
                trace('Info', me.settings.title + ' installed at ' + me.prefixes.vapp)
                trace('Info', 'Configuration directory ' + me.prefixes.etc)
                trace('Info', 'Documents directory ' + me.prefixes.web)
                trace('Info', 'Executables directory ' + me.prefixes.vapp.join('bin'))
                trace('Info', 'Use "man goahead" for usage')
                trace('Info', 'Run via "cd ' + me.prefixes.etc + ' ; sudo goahead -v ' + me.prefixes.web + '"')
                trace('Info', 'Browse to ' + me.settings.goahead.listen[0].replace('*', 'localhost').replace(':80', '/'))
                let pid = Cmd.ps('goahead')
                if (pid && pid.length > 0) {
                    trace('Info', me.settings.title + ' PID: ' + pid[0].pid)
                }
            `,
        },

        projects: {
            action: `
                if (me.settings.description != 'Embedthis GoAhead Community Edition') {
                    genProjects('--set openssl.version=1.0 --with openssl', 'openssl_10', 'windows-x64')
                    genProjects('--set openssl.version=1.1 --with openssl', 'openssl_11', 'windows-x64')
                    genProjects('--with openssl', 'openssl', 'macosx-x64')
                    genProjects('')
                } else {
                    genProjects('', ['default'])
                }
            `
        },

        publish: {
            action: `publish()`,
        },

        mine: {
            action: `genProjects('', 'mine', Config.OS + '-' + Config.CPU)`,
        },

        mgen: {
            action: `genProjects('-with mbedtls', 'mine', Config.OS + '-' + Config.CPU)`,
        }
    },
})
